How I do use Powershell-RAT Gmail Backdoor?

Press 1: This option sets the execution policy to unrestricted using Set-ExecutionPolicy Unrestricted. This is useful on administrator machine

Press 2: This takes the screenshot of the current screen on the user machine using Shoot.ps1 Powershell script

Press 3: This option backdoors the user machine using schtasks and sets the task name to MicrosoftAntiVirusCriticalUpdatesCore

Press 4: This option sends an email from the user machine using Powershell. These uses Mail.ps1 file to send screenshot as attachment to exfiltrate data

Press 5: This option backdoors the user machine using schtasks and sets the task name to MicrosoftAntiVirusCriticalUpdatesUA

Press 6: This option deletes the screenshots from user machine to remain stealthy

Press 7: This option backdoors the user machine using schtasks and sets the task name to MicrosoftAntiVirusCriticalUpdatesDF

Press 8: This option performs all of the above with a single button press 8 on a keyboard. Attacker will receive an email every 5 minutes with screenshots as an email attachment. Screenshots will be deleted after 12 minutes

August 28, 2019 - 120 Shares

August 23, 2019 - 106 Shares

RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.